| Benjamin Wright | 8c27cca | 2018-10-25 10:16:44 -0700 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright 2018 The WebRTC project authors. All Rights Reserved. |
| 3 | * |
| 4 | * Use of this source code is governed by a BSD-style license |
| 5 | * that can be found in the LICENSE file in the root of the source |
| 6 | * tree. An additional intellectual property rights grant can be found |
| 7 | * in the file PATENTS. All contributing project authors may |
| 8 | * be found in the AUTHORS file in the root of the source tree. |
| 9 | */ |
| 10 | package org.webrtc; |
| 11 | |
| 12 | /** |
| 13 | * CryptoOptions defines advanced cryptographic settings for native WebRTC. |
| 14 | * These settings must be passed into RTCConfiguration. WebRTC is secur by |
| 15 | * default and you should not need to set any of these options unless you are |
| 16 | * specifically looking for an additional crypto feature such as AES_GCM |
| 17 | * support. This class is the Java binding of native api/crypto/cryptooptions.h |
| 18 | */ |
| 19 | public final class CryptoOptions { |
| 20 | /** |
| 21 | * SRTP Related Peer Connection Options. |
| 22 | */ |
| 23 | public final class Srtp { |
| 24 | /** |
| 25 | * Enable GCM crypto suites from RFC 7714 for SRTP. GCM will only be used |
| 26 | * if both sides enable it |
| 27 | */ |
| 28 | private final boolean enableGcmCryptoSuites; |
| 29 | /** |
| 30 | * If set to true, the (potentially insecure) crypto cipher |
| 31 | * SRTP_AES128_CM_SHA1_32 will be included in the list of supported ciphers |
| 32 | * during negotiation. It will only be used if both peers support it and no |
| 33 | * other ciphers get preferred. |
| 34 | */ |
| 35 | private final boolean enableAes128Sha1_32CryptoCipher; |
| 36 | /** |
| 37 | * If set to true, encrypted RTP header extensions as defined in RFC 6904 |
| 38 | * will be negotiated. They will only be used if both peers support them. |
| 39 | */ |
| 40 | private final boolean enableEncryptedRtpHeaderExtensions; |
| 41 | |
| 42 | private Srtp(boolean enableGcmCryptoSuites, boolean enableAes128Sha1_32CryptoCipher, |
| 43 | boolean enableEncryptedRtpHeaderExtensions) { |
| 44 | this.enableGcmCryptoSuites = enableGcmCryptoSuites; |
| 45 | this.enableAes128Sha1_32CryptoCipher = enableAes128Sha1_32CryptoCipher; |
| 46 | this.enableEncryptedRtpHeaderExtensions = enableEncryptedRtpHeaderExtensions; |
| 47 | } |
| 48 | |
| 49 | @CalledByNative("Srtp") |
| 50 | public boolean getEnableGcmCryptoSuites() { |
| 51 | return enableGcmCryptoSuites; |
| 52 | } |
| 53 | |
| 54 | @CalledByNative("Srtp") |
| 55 | public boolean getEnableAes128Sha1_32CryptoCipher() { |
| 56 | return enableAes128Sha1_32CryptoCipher; |
| 57 | } |
| 58 | |
| 59 | @CalledByNative("Srtp") |
| 60 | public boolean getEnableEncryptedRtpHeaderExtensions() { |
| 61 | return enableEncryptedRtpHeaderExtensions; |
| 62 | } |
| 63 | } |
| 64 | |
| 65 | /** |
| 66 | * Options to be used when the FrameEncryptor / FrameDecryptor APIs are used. |
| 67 | */ |
| 68 | public final class SFrame { |
| 69 | /** |
| 70 | * If set all RtpSenders must have an FrameEncryptor attached to them before |
| 71 | * they are allowed to send packets. All RtpReceivers must have a |
| 72 | * FrameDecryptor attached to them before they are able to receive packets. |
| 73 | */ |
| 74 | private final boolean requireFrameEncryption; |
| 75 | |
| 76 | private SFrame(boolean requireFrameEncryption) { |
| 77 | this.requireFrameEncryption = requireFrameEncryption; |
| 78 | } |
| 79 | |
| 80 | @CalledByNative("SFrame") |
| 81 | public boolean getRequireFrameEncryption() { |
| 82 | return requireFrameEncryption; |
| 83 | } |
| 84 | } |
| 85 | |
| 86 | private final Srtp srtp; |
| 87 | private final SFrame sframe; |
| 88 | |
| 89 | private CryptoOptions(boolean enableGcmCryptoSuites, boolean enableAes128Sha1_32CryptoCipher, |
| 90 | boolean enableEncryptedRtpHeaderExtensions, boolean requireFrameEncryption) { |
| 91 | this.srtp = new Srtp( |
| 92 | enableGcmCryptoSuites, enableAes128Sha1_32CryptoCipher, enableEncryptedRtpHeaderExtensions); |
| 93 | this.sframe = new SFrame(requireFrameEncryption); |
| 94 | } |
| 95 | |
| 96 | public static Builder builder() { |
| 97 | return new Builder(); |
| 98 | } |
| 99 | |
| 100 | @CalledByNative |
| 101 | public Srtp getSrtp() { |
| 102 | return srtp; |
| 103 | } |
| 104 | |
| 105 | @CalledByNative |
| 106 | public SFrame getSFrame() { |
| 107 | return sframe; |
| 108 | } |
| 109 | |
| 110 | public static class Builder { |
| 111 | private boolean enableGcmCryptoSuites = false; |
| 112 | private boolean enableAes128Sha1_32CryptoCipher = false; |
| 113 | private boolean enableEncryptedRtpHeaderExtensions = false; |
| 114 | private boolean requireFrameEncryption = false; |
| 115 | |
| 116 | private Builder() {} |
| 117 | |
| 118 | public Builder setEnableGcmCryptoSuites(boolean enableGcmCryptoSuites) { |
| 119 | this.enableGcmCryptoSuites = enableGcmCryptoSuites; |
| 120 | return this; |
| 121 | } |
| 122 | |
| 123 | public Builder setEnableAes128Sha1_32CryptoCipher(boolean enableAes128Sha1_32CryptoCipher) { |
| 124 | this.enableAes128Sha1_32CryptoCipher = enableAes128Sha1_32CryptoCipher; |
| 125 | return this; |
| 126 | } |
| 127 | |
| 128 | public Builder setEnableEncryptedRtpHeaderExtensions( |
| 129 | boolean enableEncryptedRtpHeaderExtensions) { |
| 130 | this.enableEncryptedRtpHeaderExtensions = enableEncryptedRtpHeaderExtensions; |
| 131 | return this; |
| 132 | } |
| 133 | |
| 134 | public Builder setRequireFrameEncryption(boolean requireFrameEncryption) { |
| 135 | this.requireFrameEncryption = requireFrameEncryption; |
| 136 | return this; |
| 137 | } |
| 138 | |
| 139 | public CryptoOptions createCryptoOptions() { |
| 140 | return new CryptoOptions(enableGcmCryptoSuites, enableAes128Sha1_32CryptoCipher, |
| 141 | enableEncryptedRtpHeaderExtensions, requireFrameEncryption); |
| 142 | } |
| 143 | } |
| 144 | } |